<!--#include file="Config.asp"-->
<!--#include file="_Inc/_Fun_Base64.asp"-->

<%
dim GetCode,valicode
'base64Encode初始化
call initCodecs
UserName=trim(request.form("UserName"))
password=base64Encode(trim(request.form("password")))
Code=int(request.form("code"))
valicode=int(Session("GetCode"))


if Code<>valicode Then
'验证码错误
ErrorMsg="验证码错误!"
response.redirect "UserLogin.asp?ErrorMsg="&ErrorMsg
'response.redirect "Error.asp?ErrorID=101"
response.end
end If

if UserName="" or password="" then
response.redirect "UserLogin.asp"
Else
sql="select * from [Users] where username='"&UserName&"'"
rs.Open Sql,conn,1,1
'MD5匹配
'if rs("password")<>md5(request.form("password")) Then
'base64Encode匹配
if Trim(rs("password"))<>password Then

'密码错误
ErrorMsg="密码错误!"
response.redirect "UserLogin.asp?ErrorMsg="&ErrorMsg
'response.redirect "Error.asp?ErrorID=103"
response.end
else
session("AnyPIM_username")=UserName
session("AnyPIM_userID")=int(rs("ID"))
session("AnyPIM_RightVisit")=int(rs("RightVisit"))
session("AnyPIM_RightAdd")=int(rs("RightAdd"))
session("AnyPIM_RightEdit")=int(rs("RightEdit"))
session("AnyPIM_RightDel")=int(rs("RightDel"))
session("AnyPIM_RightIncorporate")=int(rs("RightIncorporate"))
session("AnyPIM_RightAdmin")=int(rs("RightAdmin"))
rs.close
set rs=nothing
End If

ip=Request.ServerVariables ("REMOTE_ADDR")
set rslogin=server.createobject("adodb.recordset")
sqllogin="select * from UserLoginRecord where id is null"
rslogin.open sqllogin,conn,1,3
rslogin.addnew
rslogin("time")=now()
rslogin("UserID")=session("AnyPIM_userID")
rslogin("ip")=ip
rslogin("LogType")="Login"
rslogin("name")=UserName
rslogin("SERVER_SOFTWARE")=Request.ServerVariables ("SERVER_SOFTWARE")
rslogin("HTTP_USER_AGENT")=Request.ServerVariables ("HTTP_USER_AGENT")
rslogin.update
rslogin.close
response.redirect "sys_gourl.asp"
end if


%>